The present invention generally relates to systems and methods for managing health care information. Particularly, the present invention relates to systems and methods for generating local electronic medical record systems for secure patient and/or physician access using patient medical record data stored in encrypted form.
In the current medical environment, access to patient medical records is cumbersome and fragmented. Typically, medical records are maintained at individual clinics. If a patient visits more than one clinic, a patient may have a plurality of medical records. For example, a patient may visit a first clinic and create a first medical record and the patient may subsequently visit a second clinic and create a second medical record. If the second clinic does not have access to the first medical record, the examination and diagnosis at the second clinic may be duplicative and inefficient.
The lack of comprehensive medical records is also duplicative and inefficient for the patient. For example, a patient typically fills out similar forms at each clinic the patient attends. The patient may fill out a form with the patient's medical history, various conditions, allergies, heredity information, or other information. The individual clinic then maintains their own record for the patient. As a patient may visit a plurality of clinics throughout their life, the patient may repeatedly fill out the same information. In some circumstances, the patient may not fill out the same information and the various medical records at different clinics may contain partial and/or out-of-date information.
In addition, the decentralized nature of patient medical record information is perpetuated by entities other than medical clinics. For example, medical record information may be maintained by insurance entities, pharmaceutical entities, and/or laboratory entities. An update of the patient medical record at any one of these entities does not ensure the other entities are updated. Accordingly, the patient medical record information differs depending on the entity. Accordingly, it is difficult to locate a medical record that is completely up-to-date and a treating physician may not be able to obtain a complete picture of a patient's health prior to treatment.
Moreover, the decentralized nature of patient medical record information typically does not allow a patient to access their medical records. A patient cannot review a comprehensive report of their medical history and various conditions. The patient generally does not have the ability to access or update their medical records. In addition, the patient does not have the ability to restrict access to their medical records.
As a consequence of patient information being decentralized and a patient not having access to their patient medical record information, the information available to a patient regarding their health status is typically of a general nature. For example, a patient has limited sources of medical information. One of the sources a patient may attempt to gather information from is the Internet. A patient may search for medical information on the Internet and find various web sites providing general information about the condition. Some of the information may be applicable to the context of the patient and some of the information may not. A patient may have difficulty in sorting through the available information and determining what information is applicable to their circumstances.
Centralized systems, such as Google Health and Microsoft HealthVault, attempt to address some of these issues, however due to limited connectivity to medical providers and other data sources, they too are unable to present a full picture of a patient's medical information. Moreover, the largest roadblock to full adoption of these systems may be the severity of the privacy concerns with respect to the handling and storing of protected health information (PHI) by non-medical, third-party companies.
Where information is gathered, Electronic Medical Record (EMR) systems typically run on local servers and use a local patient database, but this can be expensive in terms of hardware, software, maintenance, backup, etc. For simplicity, some systems are instead hosted remotely and accessed via the Web. While this approach can lower cost, it also opens up a data security risk. Sensitive data stored remotely is potentially subject to hackers and rogue administrators, for example.